//package com.itchu.auth.filter;
//
//import com.fasterxml.jackson.databind.ObjectMapper;
//import com.itchu.auth.config.JwtProperties;
//import com.itchu.common.utils.JwtUtils;
//import com.itchu.system.domain.SysRole;
//import com.itchu.system.domain.SysUser;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.AuthenticationException;
//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
//
//import javax.servlet.FilterChain;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.io.PrintWriter;
//import java.util.HashMap;
//import java.util.List;
//import java.util.Map;
//
//public class TokenLonginFilter extends UsernamePasswordAuthenticationFilter {
//
//    //这两个属性不能直接注入到ioc容器
//    private AuthenticationManager authenticationManager;
//
//    private JwtProperties prop;
//
//    public TokenLonginFilter(AuthenticationManager authenticationManager, JwtProperties prop) {
//        this.authenticationManager = authenticationManager;
//        this.prop = prop;
//    }
//
//
//    // 接收并解析用户凭证
//    @Override
//    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
//
//        try {
//            // 获取登录请求的用户名和密码，转成sysUser对象
//            SysUser sysUser = new ObjectMapper().readValue(request.getInputStream(), SysUser.class);
//            // 走spring Security框架的验证用户名和密码
//            return authenticationManager.authenticate(
//                    new UsernamePasswordAuthenticationToken(
//                            sysUser.getUsername(),
//                            sysUser.getPassword())
//            );
//        } catch (IOException e) {
//
//            // 没有用，用户名或密码错误不走这里
//            try {
//                // 如果认证失败就返回错误信息
//                response.setContentType("application/json;charset=utf-8");
//                response.setStatus(403);
//                PrintWriter out = response.getWriter();
//                Map<String, Object> map = new HashMap<String, Object>();
//                map.put("code", HttpServletResponse.SC_UNAUTHORIZED);
//                map.put("message", "账号或密码错误！");
//                out.write(new ObjectMapper().writeValueAsString(map));
//                out.flush();
//                out.close();
//            } catch (IOException ex) {
//                ex.printStackTrace();
//            }
//            throw new RuntimeException(e);
//        }
//    }
//
//
//    // 用户名和密码验证成功之后走的方法
//    @Override
//    protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {
//
////        SysUser user = new SysUser();
////        user.setUsername(authResult.getName());
////        user.setRoles((List<SysRole>) authResult.getAuthorities());
//
//        // 上面的就不要了，authResult的principal的对象包含认证成功后sysUser对象的全部信息
//        SysUser authUser = (SysUser) authResult.getPrincipal();
//        // 为了安全起见就把认证后用户的密码不放进jwt的载荷对象
//        authUser.setPassword("");
//
//        // 生成token
//        String token = JwtUtils.generateTokenExpireInMinutes(authUser,prop.getPrivateKey(),prop.getUser().getExpire());
//
//
//        // 现在考虑把token放在请求头好还是cookie中好
//
//        // 用户对象里面有权限了，下面也直接可以返回动态菜单
//
//        // 返回token
//        response.setHeader("Authorization","Bearer"+token);
//        try {
//            //登录成功時，返回json格式进行提示
//            response.setContentType("application/json;charset=utf-8");
//            response.setStatus(HttpServletResponse.SC_OK);
//            PrintWriter out = response.getWriter();
//            Map<String, Object> map = new HashMap<String, Object>();
//            map.put("code", HttpServletResponse.SC_OK);
//            map.put("message", "登陆成功！");
//            out.write(new ObjectMapper().writeValueAsString(map));
//            out.flush();
//            out.close();
//        } catch (Exception e1) {
//            e1.printStackTrace();
//        }
//    }
//}
